IMG_0501_765_013.exe

General
Target

IMG_0501_765_013.exe

Size

222KB

Sample

210506-jvaaqkpyyj

Score

10/10
MD5

716e89179126809cc5a4b476a03dda11

SHA1

29bfe1170a118c56776938fb44289884da261294

SHA256

2976262aeed56001f874b183072c03360a1dbcdde67bfdcc982078d3bc246857

SHA512

fbecf0cdd2bb9df647034bc16d0c6b9749406c30a10e4fa19305b592f066670af80137923c56ef2f9c12b3cc44a2eb99e1b1f9913ebc37abb775b6fd15e27e22

Malware Config

Extracted

Family oski
C2

31.210.21.154

Targets
Target

IMG_0501_765_013.exe

Signatures

  • Oski

    Description

    Oski is an infostealer targeting browser data and crypto wallets.

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10